- Barajar
ActivarDesactivar
- Alphabetizar
ActivarDesactivar
- Frente Primero
ActivarDesactivar
- Ambos lados
ActivarDesactivar
- Leer
ActivarDesactivar
Leyendo...
Cómo estudiar sus tarjetas
Teclas de Derecha/Izquierda: Navegar entre tarjetas.tecla derechatecla izquierda
Teclas Arriba/Abajo: Colvea la carta entre frente y dorso.tecla abajotecla arriba
Tecla H: Muestra pista (3er lado).tecla h
Tecla N: Lea el texto en voz.tecla n
Boton play
Boton play
18 Cartas en este set
- Frente
- Atrás
|
Byte-range Fetches
|
With byte-range fetches, users can establish concurrent connections to Amazon S3 to fetch different parts from within the same object.
|
|
S3 Glacier Select
|
S3 Glacier Select can be used to query specific data from Amazon S3 Glacier Instead of querying whole data
|
|
Version-enabled by version
|
With version-enabled S3 bucket, each version of an object can have a different retention period.
|
|
CORS
|
Cross-Origin Resource Sharing.
To keep your content safe, your web browser implements something called the same-origin policy. |
|
S3 strong read-write consistency
|
Objects requires access immediately after a write.
|
|
CORS Methods
|
GET, PUT, POST, DELETE and HEAD
|
|
S3 Cross-region replication
|
It is a bucket-level configuration that enables automatic, asynchronous copying of objects across buckets in different AWS Regions.
|
|
Presigned URLs
|
The object can be shared with others securily.
The presigned URL are valid only for the specified duration. |
|
WORM
|
Write Once Read Many
|
|
If you want WORM in S3
|
After the S3 object lock is enabled, you can prevent the S3 objects from being deleted or overwritten for a fixed amount of time or indefinitely.
Enable S3 object lock when create the bucket. |
|
Object expiration is configure by _____________
in _______________. Amazon S3 will remove the ________________ |
User
S3 life cycle Expired objects |
|
Secure the data at rest and in transit in AWS
|
Encrypt all EBS volumes attached to EC2 Instances
Use SSL/HTTPS when using ELB. Use server-side Encryption for S3 (Encryption at rest) |
|
EC2 part of Auto Scaling Group.
EC2 need access to S3 |
Launch configuration in Auto Scaling Group need to have a instance profile associate with the IAM role to Access S3 Objects
|
|
Ensure that all objects are encrypted at rest in bucket.
|
Ensure that the default encryption is enabled for the s3 bucket.
Ensure to change the configuration of the bucket to use a KMS key to encrypt the objects. |
|
AWS KMS
|
Key Management Service
|
|
Encryption at Rest: SSE
|
*Server-side encryption
*SSE-S3 *SSE-KMS *SSE-C |
|
Encryption in transit
|
*SSL/TLS
*HTTPS |
|
Store sensitive document in a S3 bucket.
Is requirement the documents are encrypted at rest. The client want manage the underlying key used for encryption but not the encryption/decryption process |
Use S3 server-side encryption with Customer Keys
|
